Release 0.8.0
·
1052 commits
to main
since this release
What's Changed
- scorecards-analysis: bump scorecard-action to 2.0.6 by @woodruffw in #293
- .bump: delete by @woodruffw in #294
- build(deps): bump sigstore from 0.6.8 to 0.7.0 in /install by @dependabot in #295
- dependabot: Setup Dependabot for GitHub Actions by @tetsuo-cpp in #302
- workflows: Add conformance testing workflow by @tetsuo-cpp in #298
- build(deps): bump pypa/gh-action-pypi-publish from 1.5.0 to 1.5.1 by @dependabot in #303
- build(deps): bump actions/setup-python from 2.3.2 to 4.3.0 by @dependabot in #304
- Refactor the verification API by @woodruffw in #299
- sigstore, test: add actual SANs to policy failure reason by @woodruffw in #309
- workflows/staging-tests: add missing identity check by @woodruffw in #307
- oidc/oauth: avoid logging the OAuth auth headers by @woodruffw in #312
- sigstore: 0.8.0 by @woodruffw in #314
Full Changelog: v0.7.0...v0.8.0
Contributors
woodruffw, dependabot, and tetsuo-cpp